| 一种对IRBAC2000模型的改进方法 |
| |
| 引用本文: | 廖振松,金海,羌卫中.一种对IRBAC2000模型的改进方法[J].华中科技大学学报(自然科学版),2005,33(Z1):292-295. |
| |
| 作者姓名: | 廖振松 金海 羌卫中 |
| |
| 作者单位: | 华中科技大学,计算机科学与技术学院,湖北,武汉,430074 |
| |
| 基金项目: | 国家自然科学基金重大专题资助项目(90412010) |
| |
| 摘 要: | 针对IRABC2000模型在安全方面的不足,在认真分析IRBAC2000模型的基础上,提出了一种新的改进方案,解决了因角色关联而引起的交叉和冲突.该方案去掉角色继承,改角色层次结构为目录结构,将角色的差异体现在角色-权限的映射,同时允许角色跨域关联,但拒绝角色传递,对改进后的模型进行了安全性和灵活性分析.实验表明,该改进方案具有较高的安全性和操控的灵活性.
|
| 关 键 词: | 基于角色的访问控制 IRBAC2000 角色继承 安全互操作 |
| 文章编号: | 1671-4512(2005)S1-0292-04 |
| 修稿时间: | 2005年8月25日 |
An improved approach towards the model of IRBAC2000 |
| |
| Liao Zhensong,Jin Hai,Qiang Weizhong.An improved approach towards the model of IRBAC2000[J].JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE,2005,33(Z1):292-295. |
| |
| Authors: | Liao Zhensong Jin Hai Qiang Weizhong |
| |
| Institution: | Liao Zhensong Jin Hai Qiang Weizhong Doctoral Candidate,College of Computer Sci.& Tech.,Huazhong Univ.of Sci.& Tech.,Wuhan 430074,China. |
| |
| Abstract: | According to the security pitfalls of IRBAC2000 model,an improved approach is proposed to deal with the problems of role intersection and role conflicts.The approach discards role hierarchy,changes it into the directory structure.The difference between roles appears on the map from role to privilege.Meanwhile,the improved approach allows roles to have an association across various secure domains,however,the role transitive is disallowed.This paper still gives a detailed analysis of the improved approach on security and feasibility.The experimental results show that the improved approach has a good practicability and operation flexibility. |
| |
| Keywords: | RBAC IRBAC2000 role hierarchy security interoperability |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
